Encryption such as used in current computer systems can be divided into asymmetric (or, “Public Key”) encryption and symmetric encryption. Both symmetric and asymmetric encryption utilize keys. The keys may be characterized as long numeric strings. An encryption key is used by a transmitter of a message to encrypt the message with an encryption algorithm. The receiver uses a decryption key and a decryption algorithm to decrypt the message. In symmetric encryption, the encryption key and decryption key can be relatively easily derived from each other. In asymmetric encryption, the encryption and decryption keys cannot be derived easily from each other. In either encryption system (symmetric or asymmetric), the encryption and decryption algorithms may be the same or different algorithms.
One challenge with encryption is to securely transmit the necessary information that can be used to generate the needed cryptographic keys between the transmitter and the receiver. One embodiment of a system that uses an asymmetric encryption algorithm utilizes public key/private key pairs. An example of an encryption algorithm that utilizes public key/private key pairs is the RSA (Rivest, Shamir, and Adleman) algorithm. Public key systems may use certificate authorities that store certificates or other key information from which one key of the public key pair can be derived and/or authenticated. Such asymmetric algorithms require a considerable amount of processing capabilities to perform. Many computer peripheral devices do not have sufficient processing capabilities to effectively perform such asymmetric algorithms in a reasonable amount of time. Public key crypto systems are vulnerable to chosen plain-text attacks.
Computer environments use a variety of hardware components including a computer as well as such peripheral devices as a display, a mouse, a printer, a personal display assistant (PDA), or a keyboard. Though certain communication paths in a computer system may be trusted, this does not necessarily mean all communication paths within that computer system are trusted. As such, certain communication paths may need to be encrypted.
Both parties must agree on an encryption algorithm and the corresponding key(s) to establish an encrypted communication path. However, sending the keys or sending the information to derive the keys over the insecure channel may result in a hacker capturing the key information and thereby gaining access to subsequent encrypted traffic. An alternative to sending the key information over the communication path is to manufacture the keys into the devices. However, hackers are also adept at extracting such information from hardware.
One solution for such peripherals as certain wireless keyboards, for example, is asking the user to type a key character string that appears on the computer display. The key character string is used to generate the key within the peripheral device. The key character string may be, for example, 16 or more characters in length. The characters for these key character strings are typically random. Typing in such key character strings is often time consuming, confusing, and error prone. In addition, it is also possible that the key character string can be viewed by an unintended or undesired third party visually or by using a camera, listening to the keyboard, etc.
For all of these reasons mentioned above, there exists a need for an encryption system or technique that makes transfer of key information less susceptible to intrusion by unintended third parties or hackers.